Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0744, CVE-2013-0746, CVE-2013-0750, CVE-2013-0753, CVE-2013-0754, CVE-2013-0762, CVE-2013-0766, CVE-2013-0767, CVE-2013-0769)
A flaw was found in the way Chrome Object Wrappers were implemented.
Malicious content could be used to cause Firefox to execute arbitrary code via plug-ins installed in Firefox. (CVE-2013-0758)
A flaw in the way Firefox displayed URL values in the address bar could allow a malicious site or user to perform a phishing attack.
(CVE-2013-0759)
An information disclosure flaw was found in the way certain JavaScript functions were implemented in Firefox. An attacker could use this flaw to bypass Address Space Layout Randomization (ASLR) and other security restrictions. (CVE-2013-0748)
After installing the update, Firefox must be restarted for the changes to take effect.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(63471);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2013-0744", "CVE-2013-0746", "CVE-2013-0748", "CVE-2013-0750", "CVE-2013-0753", "CVE-2013-0754", "CVE-2013-0758", "CVE-2013-0759", "CVE-2013-0762", "CVE-2013-0766", "CVE-2013-0767", "CVE-2013-0769");
script_name(english:"Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130108)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2013-0744, CVE-2013-0746, CVE-2013-0750,
CVE-2013-0753, CVE-2013-0754, CVE-2013-0762, CVE-2013-0766,
CVE-2013-0767, CVE-2013-0769)
A flaw was found in the way Chrome Object Wrappers were implemented.
Malicious content could be used to cause Firefox to execute arbitrary
code via plug-ins installed in Firefox. (CVE-2013-0758)
A flaw in the way Firefox displayed URL values in the address bar
could allow a malicious site or user to perform a phishing attack.
(CVE-2013-0759)
An information disclosure flaw was found in the way certain JavaScript
functions were implemented in Firefox. An attacker could use this flaw
to bypass Address Space Layout Randomization (ASLR) and other security
restrictions. (CVE-2013-0748)
After installing the update, Firefox must be restarted for the changes
to take effect."
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1301&L=scientific-linux-errata&T=0&P=307
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?be340992"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Firefox 17.0.1 Flash Privileged Code Injection');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:firefox");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xulrunner");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xulrunner-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xulrunner-devel");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/01/13");
script_set_attribute(attribute:"patch_publication_date", value:"2013/01/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/11");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL5", reference:"firefox-10.0.12-1.el5_9")) flag++;
if (rpm_check(release:"SL5", reference:"firefox-debuginfo-10.0.12-1.el5_9")) flag++;
if (rpm_check(release:"SL5", reference:"xulrunner-10.0.12-1.el5_9")) flag++;
if (rpm_check(release:"SL5", reference:"xulrunner-debuginfo-10.0.12-1.el5_9")) flag++;
if (rpm_check(release:"SL5", reference:"xulrunner-devel-10.0.12-1.el5_9")) flag++;
if (rpm_check(release:"SL6", reference:"firefox-10.0.12-1.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"firefox-debuginfo-10.0.12-1.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"xulrunner-10.0.12-1.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"xulrunner-debuginfo-10.0.12-1.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"xulrunner-devel-10.0.12-1.el6_3")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fermilab | scientific_linux | firefox | p-cpe:/a:fermilab:scientific_linux:firefox |
fermilab | scientific_linux | firefox-debuginfo | p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo |
fermilab | scientific_linux | xulrunner | p-cpe:/a:fermilab:scientific_linux:xulrunner |
fermilab | scientific_linux | xulrunner-debuginfo | p-cpe:/a:fermilab:scientific_linux:xulrunner-debuginfo |
fermilab | scientific_linux | xulrunner-devel | p-cpe:/a:fermilab:scientific_linux:xulrunner-devel |
fermilab | scientific_linux | x-cpe:/o:fermilab:scientific_linux |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0744
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0746
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0748
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0750
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0753
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0754
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0758
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0759
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0762
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0766
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0767
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0769
www.nessus.org/u?be340992